I am old enough to remember using a rotary phone — those outdated devices with the big wheel and finger holes. By the eighties, most rotary phones had been replaced with touchtone. The transition to this newer technology was convenient and imperceptible because it was simpler and quicker to use. I distinctly recall having to use a rotary phone several years after adopting the touchtone. I was amazed at how quickly I had developed amnesia, until being forced back to the past. It was slow and laborious to dial any number, especially those that contained 8’s, 9’s, and 0’s. This analogy perfectly sums up how I feel about my personal experience before and after using a password manager. It’s a technology that has changed my life for the better, and I’ll never go back to my old ways.
I currently have over 140 different passwords between my various personal and professional websites. Keeping these organized and accessible was akin to dialing those 9’s and 0’s. I would write my passwords down in paper notebooks or store them in electronic spreadsheets. It’s all I had ever known and I didn’t know any different.
So, what is a Password Management Tool?
Basically, it’s a small piece of software you use on any device to capture, organize and access your website credentials more easily and securely. More advanced functionality allows you to:
- Integrate the software with your web browsers to autofill your username and password. I think the autofill feature alone is worth 10x the price of admission!
- View your passwords anywhere and on any device
- Autofill your digital payment options when making online purchases
- Share your passwords securely with others and vice versa. When a password is updated, the data shared with others is automatically updated too.
- Auto-generate strong passwords
- Use dashboards that show password health scores, alerts on websites that have been compromised, and suggested actions to take.
The cost of using a Password Manager
I’ll share my experience using both free and paid versions. When I first began using a password manager I chose the most inexpensive route, which is free! However, free versions generally limit your ability to store passwords on only one device, and seldom contain the advanced features mentioned above. Free is a significant improvement over the old way and a great place to start or remain, but I found those restrictions limiting at times and in only a few months I upgraded to a paid version. Most products offer a monthly or annual subscription and are quite affordable for what you get. Products such as LastPass and Dashlane, offer family and corporate sharing plans for many users and at a significant discount compared to buying individual accounts.
Another primary difference between free and paid versions is the storage and backup capabilities. On free versions, your data is usually stored on the local device and offers no backup and restore features. Paid versions store the data securely in a remote cloud location, which provides access to your data on any device and restoration of data in the event of a lost or destroyed device. On average, I destroy a phone every 20 months, so I upgraded to a paid version to avoid the inevitable data loss. You can always start out with a free plan and easily upgrade to a paid plan down the road if you change your mind.
A Very Important Note
Password managers require you to remember one master password in order to access the application and your data. This is both super convenient and frightening. The company behind the password manager will never know your master password, and therefore, cannot provide you with your password if you forget it. They can email you a hint that you created when you first set up your account, or help via an account recovery process. Free versions may or may not have password hint or account recovery options, so it’s best to consider this in advance. Neither option is full proof, so I highly recommend you use a complex password you will not forget. My wife and I have taken it one step further and placed our written master passwords in the most secure place we could think of — our family’s safe deposit box.
Password Health Scores and Alerts
I’ve found the health score and alerting dashboards to be useful and informative. They’ve completely changed my approach on passwords. In the past, I had developed my own system of creating new passwords, even as I continued to use a password manager. I’d use a core password and add either a suffix or prefix, and maybe swap some letters or numbers. Example: srpw4455SRPW!, or srpw4455SRPW$. However, if any of the websites I use become compromised, then many of my other websites could become compromised too. It’s significantly easier for a hacker to launch a brute force attack when they have common elements to work with.
My health score dashboard shows me how many of the sites used common elements of my passwords. My score actually sucked, despite how smart and savvy I thought I was. I love to see the color green as opposed to red on any dashboard indicator, so I got to work on updating every single one of my 140+ passwords. I also decided to let go of my control over creating my passwords and delegated this to the password generator (which is much better at randomizing passwords than my feeble brain, and one of the unknowingly best decisions I’ve made). All of my passwords are now 18 characters or greater, super complex, share zero commonality with one another. And I couldn’t tell you what a single one of them is.
I highly recommend everyone use a password manager. They are easy to use, affordable, effective, efficient, and secure. I think it’s one of those technologies that, once you use, it’ll be difficult to imagine your online life without.
Check out this other useful tool: How Secure Is My Password from Security.org. I have this bookmarked in my browser favorites along with Dashlane’s convenient Password Generator Tool. It’s a way to test your password strength. Mine is 19 characters long and says it would take a computer about 500 quadrillion years to crack my master password. I’d love to hear what it says about yours!
Also read: How To Reduce SPAM & Email Threats